I have set up a firewall/gateway to handle all internet requests.
Everything's looking great and I'm surfing the web quite happily from my
Linux box. Then I try to run a search from Yahoo (www.yahoo.com) and hit
problems. Once I've entered a search string and hit the search button, the
browser just sits there and eventually times out.
It appears that Yahoo is sending an ACK which I'm blocking (because it's not
part of an initialisation), unless I've misunderstood the communication
process.
Here are the rules where I set them:
$IPTABLES -N bad_tcp_packets
$IPTABLES -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j LOG --log-prefix "New not syn:"
$IPTABLES -A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP
And here's the message I get when Yahoo attempts to send the ACK.
New not syn:IN=ppp0 OUT= MAC= SRC=212.158.*.* DST=217.135.*.* LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=27155 PROTO=TCP SPT=80 DPT=32782 WINDOW=8760 RES=0x00 ACK RST URGP=0
What's going on there then?
Thanks.
jon.
Better than having your body rubbed vigorously with a cheese grater.
http://www.samuri.co.uk.
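
Added example, not part of the original post: a small Python parser for the netfilter LOG entry quoted above. It lists the TCP flags on the logged packet and checks them against what iptables `--syn` accepts (SYN set; RST, ACK and FIN clear). The sample line is reconstructed from the post, and the function names are illustrative.

```python
import re

# Constructed from the log entry quoted in the post (addresses masked as in the original).
SAMPLE = ("New not syn:IN=ppp0 OUT= MAC= SRC=212.158.*.* DST=217.135.*.* LEN=52 "
          "TOS=0x00 PREC=0x00 TTL=63 ID=27155 PROTO=TCP SPT=80 DPT=32782 "
          "WINDOW=8760 RES=0x00 ACK RST URGP=0")

# Flag names as the kernel LOG target prints them.
TCP_FLAGS = ("CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN")

def parse_log(line):
    """Split a netfilter LOG line into prefix, KEY=value fields and TCP flags."""
    start = re.search(r"\bIN=", line)
    if start is None:
        raise ValueError("not a netfilter LOG line")
    prefix, body = line[:start.start()], line[start.start():]
    fields, flags = {}, []
    for token in body.split():
        if "=" in token:
            key, _, value = token.partition("=")
            fields[key] = value          # empty values (OUT=, MAC=) are kept as ""
        elif token in TCP_FLAGS:
            flags.append(token)          # bare tokens such as ACK, RST
    return {"prefix": prefix, "fields": fields, "flags": flags}

def matches_syn(flags):
    """--syn is shorthand for --tcp-flags SYN,RST,ACK,FIN SYN."""
    return "SYN" in flags and not {"RST", "ACK", "FIN"} & set(flags)

def describe(line):
    """Summarise one logged packet: which rule logged it, the flow, and its flags."""
    rec = parse_log(line)
    f = rec["fields"]
    return {
        "rule": rec["prefix"].strip(),
        "flow": f"{f['SRC']}:{f['SPT']} -> {f['DST']}:{f['DPT']}",
        "flags": rec["flags"],
        "is_syn": matches_syn(rec["flags"]),
        "is_reset": "RST" in rec["flags"],
    }

if __name__ == "__main__":
    for key, value in describe(SAMPLE).items():
        print(f"{key:9}{value}")
```

For the quoted entry this reports the flags ACK and RST with SYN absent, so the packet satisfies `! --syn` in the `bad_tcp_packets` rules.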